If you haven’t already, you should read this long story on how longtime US diplomat Robin Raphel came to have her life turned upside down based on a frivolous espionage investigation. The piece has earned a lot of praise both for the reporting that went into it and the writing.

I want to point to a few lessons from the piece.

The “Tip”

As the piece explains, Raphel served for decades in Pakistan and South Asia generally, developing a lot of close ties there (she also did a stint in Iraq at the beginning of the war).

Over the years, she was one of the few remaining people who would get out of US compounds to go meet with Pakistanis directly. Precisely because she was engaging directly (or collecting human intelligence, in the view of the spooks), she would be captured in a great deal of intercepts targeting her interlocutors, meaning anything that appeared amiss would elicit attention from the NSA analysts reviewing the intercepts.

The NSA regularly swept up Pakistani communications “to, from or about” senior U.S. officials working in the country. Some American officials would appear in Pakistani intercepts as often as once a week. What Raphel didn’t realize was that her desire to engage with foreign officials, the very skill set her supervisors encouraged, had put a target on her back.

By the time Raphel returned to Pakistan under the Obama Administration, the NSA included Pakistan’s ruling party by name in the Section 702 foreign government certificate, which provides some indication of how much NSA was vacuuming up.

As far back as the 1990s, intelligence agencies deemed Raphel to be too sympathetic to Pakistani views, a view which continued when she returned to Pakistan under Obama.

In 2013, FBI received a “tip” purportedly implicating Raphel based off intercepts targeted at Pakistanis.

In February 2013, according to law-enforcement officials, the FBI received information that made its agents think Raphel might be a Pakistani mole.

The tip came in the form of intercepted communications that suggested Raphel had shared sensitive inside information without authorization. Two officials said this included information collected on wiretaps of Pakistani officials in the U.S.

The description of this tip suggests Raphel was talking with Pakistanis located in the US. Even there, there is room for ambiguity; it could also suggest (but probably doesn’t) that the wiretaps, not the Pakistani officials, were in the US.

The article also suggests Raphel’s conversations with a Pakistani woman named Maleeha Lodhi were among the most interesting to spies. When Raphel was Assistant Secretary of South Asian Affairs in the mid-1990s, Lodhi was Ambassador to the US, but she had been a journalist before and returned to journalism after that post; she is now Pakistan’s representative to the UN.

[Lodhi] had returned to the news business, writing a regular column and appearing as a commentator on Pakistani television. American officials said they had no doubt that Lodhi was more than an ordinary journalist, however.

In her six years in Washington as Pakistan’s ambassador, Lodhi had earned a reputation as a reliable source for what Pakistani officials were thinking, and in particular, as a trusted conduit for relaying messages to Pakistan’s senior military leadership in Rawalpindi, U.S. officials said. She was, in State Department parlance, an “influencer.” One reason U.S. officials trusted her: The NSA had long been monitoring her communications.

In other words, the NSA was targeting a journalist’s communications. The story presents conflicting viewpoints about how much of Lodhi’s information got back to the Pakistani government, with US sources insinuating that because she shared a lot of information with the Pakistani government, she wasn’t really a journalist. To a great degree that’s just a rationalization. Not only does the same kind of information sharing between journalists and government officials happen here, but the US targeted Lodhi not because she was deemed a threat, but because she was a good source of information. I suspect WSJ’s sources shared those competing claims in an attempt to obscure, from both Congress and FISA Court observers, how broadly the NSA targets off foreign government 702 certificates, such that it can include journalists with close ties but no formal relationship with a foreign government.

Moreover, the two versions of the basis of the tip on Raphel — Pakistani officials in the US versus Lodhi — may also serve to obscure what authority she first got targeted under. That is, if she was targeted under Section 702 but the government didn’t tell her that, then WSJ’s sources would have reason to invent a traditional FISA source of her targeting.

WSJ’s sources are probably also engaging in misdirection with the details offered in this passage.

Investigators began what they call “circling the target,” which means examining the parts of Raphel’s life they could explore without subpoenas or warrants. Sitting in their cubicles on the fourth floor of the FBI’s Washington Field Office, a modern sandstone-colored building on the edge of Chinatown, the agents began to map her network of contacts and search for signs of disloyalty.

One of the first things they looked at was her “metadata”—the electronic traces of who she called or emailed, and also when and for how long. Her metadata showed she was in frequent contact with a host of Pakistan officials that didn’t seem to match what the FBI believed was her rank and role.

After all, the NSA would have already had every bit of metadata reflecting a conversation between Raphel and a targeted official, and the story makes it clear elsewhere that a great many of Raphel’s interlocutors were targeted. Indeed, in court filings, the NSA has made it clear that it prioritizes intercepts that reflect a conversation with an American. So the NSA analysts who first alerted the FBI to Raphel’s conversations would have based that alert, in significant part, on precisely that kind of metadata analysis. Sure, the FBI would re-collect that metadata, laundering the original source, but the government would already have analyzed a great deal of it before tipping Raphel to FBI.

Spooks making claims about classified information

Across decades, because NSA and then FBI were collecting intercepts of Raphel’s conversations, she fell afoul of spooks who claimed information she learned on her own could only have come from intelligence agencies and therefore must be classified.

This actually happened twice, with the first time happening almost two decades before she was targeted personally. The first time came in the mid-1990s.

Not long after the amendment passed, Deputy Secretary of State Strobe Talbott sent an aide to Raphel’s office with a disturbing message.

According to officials, the aide told Raphel U.S. spy agencies had intercepted communications in which Pakistani officials suggested that Raphel had revealed sensitive information to them about what the U.S. knew about Pakistan’s nuclear work. U.S. intelligence officials said the information was classified and the disclosure wasn’t authorized.

Raphel denied disclosing too much. She consulted with top officials at the State Department’s internal intelligence branch, who recommended she ask Diplomatic Security—the security and law enforcement arm of the State Department—to investigate the matter.

Diplomatic Security agents interviewed Raphel about the alleged disclosures. They found no evidence of wrongdoing and took no disciplinary action against her.

The story suggests this 1990s incident arose, at least in part, out of animus on the part of spooks over her close ties and seeming empathy with the Pakistanis. The inquiry into her communications led her to keep records of her conversations, which she then took home with her when she first retired from State in 2004. When the FBI did a sneak and peek warrant on her home, they found these records and considered them mishandled classified information.

The CIA increasingly claimed readily available information belonged exclusively to them after Cameron Munter started objecting to drone strikes.

After Cameron Munter took over as the U.S. ambassador to Pakistan in 2010, the competing forces of intelligence and diplomacy began to collide. When Munter pushed the CIA to be more “judicious” in its drone strikes in the tribal areas, the CIA’s station chief responded by telling diplomats not to discuss the drone program even in private meetings with senior Pakistani officials. If asked, he told them, they should change the subject.

Senior diplomats in Islamabad knew this was impossible. The drone program came up all the time. There was no way to avoid the topic.

Raphel didn’t know the key details because her Top Secret clearance didn’t include access to the “compartment” that covered the covert program. When her Pakistani contacts complained about the strikes, Raphel told them what other diplomats would say—that the U.S. wouldn’t need to do so many if the Pakistani army did more to rein in militants in the tribal areas, according to people she spoke with.

Unsurprisingly, drone strikes were one of the topics that the FBI latched onto in her conversations with Lodhi, along with rumors of a coup and discussions of negotiations with the Taliban. Raphel was learning of such information independent of spy sources, yet because it replicated the information learned via spy sources, they claimed it was highly classified.

As the agents listened to the back-and-forth, they would check with U.S. intelligence officials to see if the topics which Raphel discussed with Lodhi— drones, coups and reconciliation talks with the Taliban—were classified. They were repeatedly told that yes, they were.

[snip]

During her visit, Raphel was in regular phone contact with Lodhi, who invited her to come to her home library to talk privately over tea. Officials briefed on the investigation said the information they exchanged during the trip about the prospects of a coup was similar to what U.S. spy agencies were picking up—the same kind of information that intelligence officials were putting in the President’s Daily Brief.

This is, of course, the same thing that happened with some, though not all, of Hillary’s emails (and unsurprisingly, some of Raphel’s communications were shared via aides with Hillary): the CIA claimed that they owned such information, and as such, any discussion outside of secure channels must be evidence of sharing classified information. In both cases, the information was readily available elsewhere.

Particularly when exacerbated by turf sensitivities and jealousy over Raphel’s access to top Pakistani officials, however, this can be a lethal combination. The CIA gets to criminalize officials for sharing information it deems its exclusive purview, even if those officials discovered the information independently.

The WSJ tells a story about the double-edged sword of America’s dragnet: the degree to which it can implicate honest people because it captures so much, as well as the gaps in knowledge that result from overdependence on SIGINT.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Update, 9/8/15: We’ve subsequently learned, in 2015, that the third certificate in 2011 was a vaguely defined “foreign government” one, which has been used very broadly (and lied about by the government on multiple occasions). NSA was contemplating a cyber certificate in 2012, but Bates’ 2011 decision may have made the terms of that difficult.

I joked yesterday that James Clapper did no more than cut and paste to accomplish President Obama’s order of providing a list of acceptable bulk collection. But I’d like to note something about the list of permissible uses of bulk collection.

Espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests;

Threats to the United States and its interests from terrorism;

Threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction;

Cybersecurity threats;

Threats to U.S. or allied Armed Forces or other U.S. or allied personnel; and

Transnational criminal threats, including illicit finance and sanctions evasion related to the other purposes named above.

For months, I have been noting hints that the use of Section 702 — which is one of several kinds of domestic bulk collection — is limited by the number of certifications approved by FISC, which might be limited by FISC’s assessment of whether such certifications establish a certain level of “special need.”

In 2011, it seems clear from John Bates’ opinion on the government’s Section 702 applications, there were 3 certifications.

If there are just 3 certifications, then it seems clear they cover counterterrorism, counterproliferation, and cybersecurity (which is consistent with both ODNI’s public descriptions of Section 702 and the Presidential Review Group’s limits on it), 3 of 6 of the permitted uses of bulk collection.

Furthermore, there’s some history (you’ll have to take my word for this for now, but the evidence derives in part from reports on the use of National Security Letters) of lumping in Counterintelligence and Cybersecurity, because the most useful CI application of bulk collection would target technical exploits used for spying. So if that happens with 702 collection, then 4 of the 6 permissible applications would be covered by existing known certifications.

Threats against Armed Forces would, for the most part, be overseas, suggesting the bulk collection on it would be too. (Though it appears Bush’s illegal program used the excuse of force protection to spy on Iraqi-related targets, potentially even in the US, until the hospital confrontation stopped it.)

Which leaves just transnational crime threats — against which President Obama rolled out a parallel sanctions regime to terrorism in 2011 (though there had long been a regime against drug traffickers) — as the sole bulk collection that might apply in the US that doesn’t have certifications we know about.

Given that at least drug cartels have a far more viable — and deadly — operation in the United States than al Qaeda, I can’t think of any reason why the Administration wouldn’t have applied for a certification targeting TCOs, too (one of Treasury’s designated TCO targets — Russian and East European mobs — would have some overlap with the cyber function, and one — Yakuza — just doesn’t seem like a big threat to the US at all).

And last year’s Semiannual Compliance Assessment may support the argument that there are more than 3 certificates. In its description of the review process for 702 compliance, the report lays out review dates by certifications. Here’s the NSA review schedule:

This seems to show 4 lines of certifications, one each in August and December, but two in October. Perhaps they re-review one of the certifications (counterterrorism, most likely). But if not, it would seem to suggest there’s now a 4th certification.

Given that this requires manual review, I wouldn’t be surprised if they repeated the counterterrorism certifications review (and we don’t know whether all the NSA certifications would be used by FBI). But the redactions would at least allow for the possibility that there is a 4th certification, in addition to the 3 we know about.

Perhaps Obama rolled out TCOs as a 4th certification as he rolled out his new Treasury initiative on it (which would be after the applications laid out by Bates).

Of course, we don’t know. But I think two things are safe to say. First, the use of 702 is tied to certifications by topic. And second, the public statement about permissible use of bulk collection would seem to envision the possibility of a 4th certification covering TCOs, and with it, drug cartels.

For months, I have been suggesting that the government only uses Section 702 of FISA, under which it collects data directly from US Internet providers and conducts some upstream content collection from telecom providers, for three purposes:

Counterterrorism

Counterproliferation

Cyber

I have said so based on two things: many points in documents — such as the second page from John Bates’ October 3, 2011 opinion on 702, above — make it clear there are 3 sets of certifications for 702 collection. And other explainer documents released by the government talk about those three topics (though they always stop short of saying the government collects on only those 3 topics).

[S]ection 702 authorized the FISC to approve annual certifications submitted by the Attorney General and the Director of National Intelligence (DNI) that identify certain categories of foreign intelligence targets whose communications may be collected, subject to FISC-approved targeting and minimization procedures. The categories of targets specified by these certifications typically consist of, for example, international terrorists and individuals involved in the proliferation of weapons of mass destruction.

If I’m right, it explains one of the issues driving overseas collection and, almost certainly, rising tensions with the Internet companies.

I suggested, for example, that this might explain why NSA felt the need to steal data from Google’s own fiber overseas.

I wonder whether the types of targets they’re pursuing have anything to do with this. For a variety of reasons, I’ve come to suspect NSA only uses Section 702 for three kinds of targets.

Terrorists

Arms proliferators

Hackers and other cyber-attackers

According to the plain letter of Section 702 there shouldn’t be this limitation; Section 702 should be available for any foreign intelligence purpose. But it’s possible that some of the FISC rulings — perhaps even the 2007-8 one pertaining to Yahoo (which the government is in the process of declassifying as we speak) — rely on a special needs exception to the Fourth Amendment tied to these three types of threats (with the assumption being that other foreign intelligence targets don’t infiltrate the US like these do).

Which would make this passage one of the most revealing of the WaPo piece.

One weekly report on MUSCULAR says the British operators of the site allow the NSA to contribute 100,000 “selectors,” or search terms. That is more than twice the number in use in the PRISM program, but even 100,000 cannot easily account for the millions of records that are said to be sent back to Fort Meade each day.

Given that NSA is using twice as many selectors, it is likely the NSA is searching on content outside whatever parameters that FISC sets for it, perhaps on completely unrelated topics altogether. This may well be foreign intelligence, but it may not be content the FISC has deemed worthy of this kind of intrusive search.

That is, if NSA can only collect 3 topics domestically, but has other collection requirements it must fulfill — such as financial intelligence on whether the economy is going to crash, which FISC would have very good reasons not to approve as a special need for US collection — then they might collect it overseas (and in the Google case, they do it with the help of GCHQ). But as Google moved to encryption by default, NSA would have been forced to find new ways to collect it.

Which might explain why they found a way to steal data in motion (on Google’s cables, though).

Here’s the thing, though. As I’ll note in a piece coming out later today, the Review also emphasizes that EO 12333 should only be available for collection not covered by FISA. With Section 702, FISA covers all collection from US Internet providers. So FISC’s refusal to approve collection on other topics (or DOJ’s reluctance to ask for approval) should foreclose that collection entirely. The government should not be able to collect some topics under 702 here, then steal on other topics overseas.

Since it became clear Mike Rogers had chosen not to pass on the Administration’s notice of phone dragnet problems, I’ve been wondering if he did the same with any notice about the FISA Amendments Act upstream problems.

In response to a query from Politico, Rogers and his counterpart Dutch Ruppersberger seem to suggest they did not pass on the notice.

Moreover, the House leaders who held the keys to the report did not loudly broadcast its existence to the rest of the chamber. The chairman of the Intelligence Committee, Rogers, and the panel’s ranking Democrat, Dutch Ruppersberger of Maryland, declined to say whether they even had sent a letter in 2012 informing members there had been a critical document to view. Hill sources say they don’t recall anything of the sort.

More telling still, though, is Rupp’s justification for providing briefings instead of the actual white paper.

Party leaders did hold unclassified and classified briefings on FISA, but they occurred just days before the House’s September 2012 vote to reauthorize the law. The Republican briefing, for example, occurred only two days before the House approved the FISA Amendments Act, according to an invite obtained by POLITICO. Yet nowhere in the message, sent Sept. 7, 2012, is any mention of the White House white paper on FISA oversight — the document that detailed how the agency had erred in collecting U.S. communications.

Committee leaders, though, stress they acted appropriately. “Members were notified of the contents of the white paper through the briefing,” Ruppersberger told POLITICO. “We felt that a briefing was an appropriate way to notify members of this important issue so that they would have the opportunity to get all of their questions answered immediately.”

The congressman continued: “Some members chose to take advantage of a briefing and some did not. We thought offering a briefing shortly before the vote was held would work best with members’ busy schedules and keep the issue fresh in their minds as they cast their vote.” [my emphasis]

In his explanation, Rupp explains that members have busy schedules.

And his accommodation for those busy schedules was to require members who want to be informed on issues they didn’t receive notice of adjust their busy schedule to show up at one of two briefings, rather than go to a SCIF to read a document during whatever time is most convenient for them. Indeed, I’ve heard from members that that’s part of the problem with briefings — they require people to drop all their other important issues and cater to Rogers’ and Rupp’s schedules, instead. All to learn about issues not identified in the meeting notice.

I’d add two points to the Politico piece. First, while it notes that the notice pitched the 2011 compliance problems as an example of functional oversight, there’s another problem with it. It doesn’t appear to reveal that some agency (probably FBI) already did search, and the NSA newly started searching, on incidentally collected US person data. Thus, it left out one of the most crucial aspects of the 2011 opinion: that it permitted access to US person communications without a warrant.

And then a persnickety issue. Politico makes this claim.

The Washington Post first revealed that lapse in PATRIOT Act oversight in August, which at the time Rogers acknowledged “very few members” had taken advantage of any related briefing opportunities.

As the reporter admitted he knew, the WaPo did not, in fact, “first” reveal the earlier failure to pass on the notice. The WaPo reporting followed my own and the Guardian’s, as well as several other sites. The whole issue of “first” is stupid, but why use it, particularly if you know it is factually inaccurate?

Shorter Rupp: We Inform Members at Briefings They Can't Attend Because They're Too Busy (emptywheel, 2013-10-11 09:44:31)

The Guardian today confirms what Ron Wyden and, before him, Russ Feingold have warned about for years. In a glossary updated in June 2012, the NSA claims that minimization rules “approved” on October 3, 2011 “now allow for use of certain United States person names and identifiers as query terms.”

A secret glossary document provided to operatives in the NSA’s Special Source Operations division – which runs the Prism program and large-scale cable intercepts through corporate partnerships with technology companies – details an update to the “minimization” procedures that govern how the agency must handle the communications of US persons. That group is defined as both American citizens and foreigners located in the US.

“While the FAA 702 minimization procedures approved on 3 October 2011 now allow for use of certain United States person names and identifiers as query terms when reviewing collected FAA 702 data,” the glossary states, “analysts may NOT/NOT [not repeat not] implement any USP [US persons] queries until an effective oversight process has been developed by NSA and agreed to by DOJ/ODNI [Office of the Director of National Intelligence].”

The term “identifiers” is NSA jargon for information relating to an individual, such as telephone number, email address, IP address and username as well as their name.

The document – which is undated, though metadata suggests this version was last updated in June 2012 – does not say whether the oversight process it mentions has been established or whether any searches against US person names have taken place.

The Guardian goes on to quote Ron Wyden confirming that this is the back door he’s been warning about for years.

Once Americans’ communications are collected, a gap in the law that I call the ‘back-door searches loophole’ allows the government to potentially go through these communications and conduct warrantless searches for the phone calls or emails of law-abiding Americans.

But the Guardian is missing one critical part of this story.

The FISC didn’t just “approve” minimization procedures on October 3, 2011. In fact, that was the day that it declared that part of the program — precisely pertaining to minimization procedures — violated the Fourth Amendment.

So where the glossary says minimization procedures approved on that date “now allow” for querying US person data, it almost certainly means that on October 3, 2011, the FISC ruled the querying the government had already been doing violated the Fourth Amendment, and sent it away to generate “an effective oversight process,” even while approving the idea in general.

And note that FISC didn’t, apparently, require that ODNI/DOJ come back to the FISC to approve that new “effective oversight process.”

Consider one more thing.

As I have repeatedly highlighted, the Senate Intelligence Committee (and the Senate Judiciary Committee, though there’s no equivalent report) considered whether to regulate precisely this issue last year when extending the FISA Amendments Act.

Finally, on a related matter, the Committee considered whether querying information collected under Section 702 to find communications of a particular United States person should be prohibited or more robustly constrained. As already noted, the Intelligence Community is strictly prohibited from using Section 702 to target a U.S. person, which must at all times be carried out pursuant to an individualized court order based upon probable cause. With respect to analyzing the information lawfully collected under Section 702, however, the Intelligence Community provided several examples in which it might have a legitimate foreign intelligence need to conduct queries in order to analyze data already in its possession. The Department of Justice and Intelligence Community reaffirmed that any queries made of Section 702 data will be conducted in strict compliance with applicable guidelines and procedures and do not provide a means to circumvent the general requirement to obtain a court order before targeting a U.S. person under FISA.

But in spite of Ron Wyden and Mark Udall’s best efforts — and, it now appears, in spite of FISC concerns about precisely this issue — the Senate Intelligence Committee chose not to do so.

This strongly suggests that the concerns FISC had about the Fourth Amendment directly pertained to this backdoor search. But if that’s the case, it also suggests that none of NSA’s overseers — not the Intelligence Committees, not ODNI/DOJ, and not FISC — have bothered to actually close that back door.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The Guardian has its latest scoop on NSA spying, describing the extent to which Microsoft helps the government spy on its customers. This bullet list is just some of what the article reveals.

Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;

The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;

The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;

Microsoft also worked with the FBI’s Data Intercept Unit to “understand” potential issues with a feature in Outlook.com that allows users to create email aliases;

Skype, which was bought by Microsoft in October 2011, worked with intelligence agencies last year to allow Prism to collect video of conversations as well as audio;

Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a “team sport”.

But I’m as interested in some of the details about the cooperation as the impact of that cooperation.

For example, the story describes that this cooperation takes place through the Special Source Operations unit.

The latest documents come from the NSA’s Special Source Operations (SSO) division, described by Snowden as the “crown jewel” of the agency. It is responsible for all programs aimed at US communications systems through corporate partnerships such as Prism.

But we saw that when NSA approached (presumably) Microsoft in 2002, it did not approach via SSO; it used a more formal approach through counsel.

In addition, note how Skype increased cooperation in the months before Microsoft purchased it for what was then considered a hugely inflated price, and what is now being called (in other legal jurisdictions) so dominant that it doesn’t have to cooperate with others.

One document boasts that Prism monitoring of Skype video production has roughly tripled since a new capability was added on 14 July 2012. “The audio portions of these sessions have been processed correctly all along, but without the accompanying video. Now, analysts will have the complete ‘picture’,” it says.

Eight months before being bought by Microsoft, Skype joined the Prism program in February 2011.

According to the NSA documents, work had begun on smoothly integrating Skype into Prism in November 2010, but it was not until 4 February 2011 that the company was served with a directive to comply signed by the attorney general.

The NSA was able to start tasking Skype communications the following day, and collection began on 6 February. “Feedback indicated that a collected Skype call was very clear and the metadata looked complete,” the document stated, praising the co-operation between NSA teams and the FBI. “Collaborative teamwork was the key to the successful addition of another provider to the Prism system.”

While this isn’t as obvious as Verizon’s MCI purchase — which for the first time led that carrier to hand over Internet data — it does seem that those companies that cooperate with the NSA end up taking over their rivals.

Remember, the Department of Commerce plays some kind of role in ensuring that companies cooperate in protecting our critical infrastructure.

One of my friends, who works in a strategic role at American Federation of Teachers, is Iranian-American. I asked him a few weeks ago whom he called in Iran; if I remember correctly (I’ve been asking a lot of Iranian-Americans whom they call in Iran) he said it was mostly his grandmother, who’s not a member of the Republican Guard or even close. Still, according to the statement that Dianne Feinstein had confirmed by NSA Director Keith Alexander, calls “related to Iran” are fair game for queries of the dragnet database of all Americans’ phone metadata.

Chances are slim that my friend’s calls to his grandmother are among the 300 identifiers the NSA queried last year, unless (as is possible) they monitored all calls to Iran. But nothing in the program seems to prohibit it, particularly given the government’s absurdly broad definitions of “related to” for issues of surveillance and its bizarre adoption of a terrorist program to surveil another nation-state. And if someone chose to query on my friend’s calls to his grandmother, using the two-degrees-of-separation query they have used in the past would give the government — not always the best friend of teachers unions — a pretty interesting picture of whom the AFT was partnering with and what it had planned.

In other words, nothing in the law or the known minimization rules of the Business Records provision would seem to protect some of the AFT’s organizational secrets just because they happen to employ someone whose grandmother is in Iran. That’s not the only obvious way labor discussions might come under scrutiny; Colombian human rights organizers with tangential ties to FARC are just one other example.

When I read labor organizer Louis Nayman’s “defense of PRISM,” it became clear he’s not aware of many details of the programs he defended. Just as an example, Nayman misstated this claim:

According to NSA officials, the surveillance in question has prevented at least 50 planned terror attacks against Americans, including bombings of the New York City subway system and the New York Stock Exchange. While such assertions from government officials are difficult to verify independently, the lack of attacks during the long stretch between 9/11 and the Boston Marathon bombings speaks for itself.

Keith Alexander didn’t say NSA’s use of Section 702 and Section 215 have thwarted 50 planned attacks against Americans; those 50 were in the US and overseas. He said only around 10 of those plots were in the United States. That works out to be less than 20% of the attacks thwarted in the US just between January 2009 and October 2012 (though these programs have existed for a much longer period of time, so the percentage must be even lower). And there are problems with three of the four cases publicly claimed by the government — from false positives and more important tips in the Najibullah Zazi case, missing details of the belated arrest of David Headley, to bogus claims that Khalid Ouazzani ever planned to attack NYSE. The sole story that has stood up to scrutiny is some guys who tried to send less than $10,000 to al-Shabaab.

While that doesn’t mean the NSA surveillance programs played no role, it does mean that the government’s assertions of efficacy (at least as it pertains to terrorism) have proven to be overblown.

Yet from that, Nayman concludes these programs have “been effective in keeping us safe” (given Nayman’s conflation of US and overseas, I wonder how families of the 166 Indians Headley had a hand in killing feel about that) and defends giving the government legal access (whether they’ve used it or not) to — among other things — metadata identifying the strategic partners of labor unions with little question.

And details about the success of the program are not the only statements made by top National Security officials that have proven inaccurate or overblown. That’s why Nayman would be far better off relying on Mark Udall and Ron Wyden as sources for whether or not the government can read US person emails without probable cause than misstating what HBO Director David Simon has said (Simon said that entirely domestic communications require probable cause, which is generally but not always true). And not just because the Senators are actually read into these programs. After the Senators noted that Keith Alexander had “portray[ed] protections for Americans’ privacy as being significantly stronger than they actually are” — specifically as it relates to what the government can do with US person communications collected “incidentally” to a target — Alexander withdrew his claims.

Nayman says, “As people who believe in government, we cannot simply assume that officials are abusing their lawfully granted responsibility and authority to defend our people from violence and harm.” I would respond that neither should we simply assume they’re not abusing their authority, particularly given evidence those officials have repeatedly misled us in the past.

Nayman then admits, “We should do all we can to assure proper oversight any time a surveillance program of any size and scope is launched.” But a big part of the problem with these programs is that the government has either not implemented or refused such oversight. Some holes in the oversight of the program are:

NSA has not said whether queries of the metadata dragnet database are electronically recorded; both SWIFT and a similar phone metadata program queries have been either sometimes or always oral, making them impossible to audit

In These Times We Can't Blindly Trust Government to Respect Freedom of Association (emptywheel, 2013-07-07)

If the Director of National Intelligence corrects a lie but nobody hears it, does it make a sound?

Greg Miller returns focus to James Clapper and Keith Alexander and President Obama’s lies that underscore why, at least for some of his leaks, Edward Snowden must count as a whistleblower. He reveals two new details about why Clapper is not headed for prison.

First, Clapper claims his staffers acknowledged to Wyden (presumably not in writing) his error after the Senator demanded a correction.

Sen. Ron Wyden (D-Ore.), who had asked Clapper the question about information collection on Americans, said in a recent statement that the director had failed to clarify the remark promptly despite being asked to do so. Clapper disputed that in his note to the committee, saying his “staff acknowledged the error to Senator Wyden’s staff soon after the hearing.”

And then, more than two weeks after Snowden proved Clapper to be a liar (and 10 days after Wyden called for hearings for the Intelligence Committee to correct their disinformation), Clapper sent the Senate Intelligence Committee a letter apologizing for his “clearly erroneous” comment.

Acknowledging the “heated controversy” over his remark, Clapper sent a letter to the Senate Intelligence Committee on June 21 saying that he had misunderstood the question he had been asked.

“I have thought long and hard to re-create what went through my mind at the time,” Clapper said in the previously undisclosed letter. “My response was clearly erroneous — for which I apologize.” [my emphasis]

Miller also reveals that Clapper presented yet another explanation for why his lie wasn’t really a lie.

He made a new attempt to explain the exchange in his June 21 correspondence, which included a hand-written note to Wyden saying that an attached letter was addressed to the committee chairman but that he “wanted [Wyden] to see this first.”

Clapper said he thought Wyden was referring to NSA surveillance of e-mail traffic involving overseas targets, not the separate program in which the agency is authorized to collect records of Americans’ phone calls that include the numbers and duration of calls but not individuals’ names or the contents of their calls.

Referring to his appearances before Congress over several decades, Clapper concluded by saying that “mistakes will happen, and when I make one, I correct it.”

Note, this particular lie retreats to Administration claims that they no longer collect Internet metadata, at least not via Section 702 collection, at least as far as they’ll tell us.

Of course, that’s only been true (if it is in fact true) since 2011, for what that’s worth.

One thing Miller is missing in this otherwise laudable article is one more detail from Wyden: that he gave Clapper notice he was going to ask the question.

Clapper got the question for the test before taking it, and he still — he says — misunderstood it.

But of course that’s not what happened. The way Clapper has made false statements in public and then “acknowledged errors” in secret is all part of the game by which Clapper mostly sort of tells the truth to Congress, but continues to lie to the American people.

In other news, it has now been almost a week since, caught in another lie, the NSA took down their “Section 702 Protections” document, without replacing it with an accurate description of what protections, if any, Americans have under Section 702.

Update: To help Joshua Foust understand this topic, I did a second, really basic version of this post here. So if you’re fairly new to all this stuff, you might start there and then come back.

Update: Alexander’s office has conceded Udall and Wyden’s point about the classified inaccuracy. It also notes:

With respect to the second point raised in your 24 June 2013 letter, the fact sheet did not imply nor was it intended to imply “that the NSA has the ability to determine how many American communications it has collected under section 702, or that the law does not allow the NSA to deliberately search for the records of particular Americans.”

He then cites two letters from James Clapper’s office which I don’t believe have been published.

I’ve seen some people complaining that Ron Wyden and Mark Udall didn’t explicitly describe what Keith Alexander’s lies were in the NSA handout on Section 702 collection (note, as of 1PM, NSA has taken down their handout from their server). I’m okay with them leaving big breadcrumbs instead, not least because until we fix intelligence oversight, we’re going to need people like them who manage to stay on the committees but lay these signposts.

That said, I think people are underestimating how big of a signpost they did leave. Consider this, from their letter:

Separately, this same fact sheet states that under Section 702, “Any inadvertently acquired communication of or concerning a US person must be promptly destroyed if it is neither relevant to the authorized purpose nor evidence of a crime.” We believe that this statement is somewhat misleading, in that it implies that the NSA has the ability to determine how many American communications it has collected under section 702, or that the law does not allow the NSA to deliberately search for the records of particular Americans. [my emphasis]

During the Committee’s consideration of this legislation, several Senators expressed a desire to quantify the extent of incidental collection under Section 702. I share this desire. However, the Committee has been repeatedly advised by the ODNI that due to the nature of the collection and the limits of the technology involved, it is not reasonably possible to identify the number of people located in the United States whose communications may have been reviewed under Section 702 authority. Senators Ron Wyden and Mark Udall have requested a review by the Inspector General of the NSA and the Inspector General of the Intelligence Community to determine whether it is feasible to estimate this number. The Inspectors General are conducting that review now, thus making an amendment on this subject unnecessary.

Finally, on a related matter, the Committee considered whether querying information collected under Section 702 to find communications of a particular United States person should be prohibited or more robustly constrained. As already noted, the Intelligence Community is strictly prohibited from using Section 702 to target a U.S. person, which must at all times be carried out pursuant to an individualized court order based upon probable cause. With respect to analyzing the information lawfully collected under Section 702, however, the Intelligence Community provided several examples in which it might have a legitimate foreign intelligence need to conduct queries in order to analyze data already in its possession. [my emphasis]

This passage made it clear that the Intelligence Community had demanded the ability to search on US person data already collected. Wyden and Udall’s letter makes that even more clear.

They make it clear that US person communications will be retained if they contain foreign intelligence information (a term not defined in the procedures), including those they collected because (they claim) they’re unable to filter it out.

3(b)

(1) Personnel will exercise reasonable judgment in determining whether information acquired must be minimized and will destroy inadvertently acquired communications of or concerning a United States person at the earliest practicable point in the processing cycle at which such communication can be identified either: as clearly not relevant to the authorized purpose of the acquisition (e.g., the communication does not contain foreign intelligence information)

[snip]

The communications that may be retained include electronic communications acquired because of limitations on NSA’s ability to filter communications.

(2) Communications of or concerning United States persons that may be related to the authorized purpose of the acquisition may be forwarded to analytic personnel responsible for producing intelligence information from the collected data.

The procedures make it clear that, with authorization from the NSA Director, even communications entirely between US persons may be retained (see section 5) if they are of significant intelligence value. Communications showing a communications security vulnerability may also be retained (this permission, related to cybersecurity, was not made public in the NSA handout).

And here’s perhaps the most interesting way of keeping US person data.

6(c)

(1) NSA may provide to the Central Intelligence Agency (CIA) unminimized communications acquired pursuant to section 702 of the Act. CIA will identify to NSA targets for which NSA may provide unminimized communications to CIA. CIA will process any such unminimized communications received from NSA in accordance with CIA minimization procedures …

(2) NSA may provide to the FBI unminimized communications acquired pursuant to section 702 of the Act. FBI will identify to NSA targets for which NSA may provide unminimized communications to the FBI. FBI will process any such unminimized communications received from NSA in accordance with FBI minimization procedures …

This is a kind of collection that Pat Leahy seems to believe escapes review by current Inspector General reviews of the program, as he tried to mandate such reviews in last year’s reauthorization.

The minimization procedures also appear to support Julian Sanchez’ guesstimate of how they could pull up US person contacts, since a phone number or unique name are not explicitly included among the identifiers that would constitute IDing a US person.

Now, all that doesn’t specifically address the other lie Wyden and Udall invoked, which they describe as one that “portrays protections for Americans’ privacy as being significantly stronger than they actually are.” But I think the points I’ve laid out above — particularly the cybersecurity collection that is entirely unmentioned in the 702 sheet — probably lay out the gist of Alexander’s lies.

The government has spent the entire time since these documents were revealed trying to lie to Americans about whether their contacts with foreigners can be retained and read. And those lies keep getting exposed.

Given the Intelligence Community’s reluctant and partial disclosures on the Section 702 (PRISM/FAA) collection, I want to return to a squabble from last fall, before Congress reauthorized FAA.

As you’ll recall, Ron Wyden tried to get the IC to disclose the number of Americans whose communication had been reviewed under Section 702. The IC dicked around long enough to ensure Wyden didn’t get an answer in time to make a political stink about it. When they finally gave him an answer, they said providing such a number would violate the privacy of Americans.

I defer to [the NSA Inspector General’s] conclusion that obtaining such an estimate was beyond the capacity of his office and dedicating sufficient additional resources would likely impede the NSA’s mission. He further stated that his office and NSA leadership agreed that an IG review of the sort suggested would itself violate the privacy of U.S. persons.

Ultimately, this statement seemed to be as much about resource allocation as anything else — the NSA and IC IGs would need more staff to accomplish the task. (I must say, I do find it interesting the ICIG has time to investigate 375 leaks but not enough time to find out how many Americans are being spied on.)

These procedures require that the acquisition of information is conducted, to the greatest extent reasonably feasible, to minimize the acquisition of information not relevant to the authorized foreign intelligence purpose.

Any inadvertently acquired communication of or concerning a U.S. person must be promptly destroyed if it is neither relevant to the authorized purpose nor evidence of a crime.

[snip]

Any information collected after a foreign target enters the U.S. –or prior to a discovery that any target erroneously believed to be foreign was in fact a U.S. person– must be promptly destroyed unless that information meets specific, limited criteria approved by the Foreign Intelligence Surveillance Court.

The dissemination of any information about U.S. persons is expressly prohibited unless it is necessary to understand foreign intelligence or assess its importance; is evidence of a crime; or indicates a threat of death or serious bodily harm.

Now, these passages ought to make people more worried about privacy than not. Stated clearly, they say the government believes it can collect and keep US person content if it deems that content “relevant” to the reason they collected the information.

Remember two things: this collection is not limited to use with terrorism; it can be used for espionage investigations, hacking, or any foreign intelligence purpose. And the government has already deemed every single one of our phone records to be “relevant” to an umbrella terror investigation, so the definition of relevance the government has developed in secret is unbelievably broad and permissive.

That collection — the people whose content is reviewed and deemed relevant and kept — is the universe of people Wyden wanted to count. And the government is making decisions about the relevance of them in secret, but not tracking the process by which they do so.

Note too that the government can disseminate US person communications if “it is necessary to understand foreign intelligence.” This is not news (which is why it is so appalling that people were fighting over whether the government could listen to US person calls or read their emails). It is part of traditional FISA, too. (It was using that excuse that John Bolton was learning about what his rivals were negotiating with the North Koreans.) But given how much more information an analyst can access, both because she is accessing all Internet activity and not just phone, and because more associated communications are sucked up with a target, it means many more US persons’ communications might be disseminated. It’s not clear, by the way, such dissemination would exclude privileged conversations between lawyers and clients, or discussions between journalists and sources.

And this second group of people — the ones whose communications are being circulated — are counted.

Though we’re not allowed to know what those numbers are.

Here’s what the DOJ Inspector General Michael Horowitz had to say about a statutorily required review of the 702 collection he recently completed (I think, but it’s not entirely clear, that Horowitz didn’t finish this review until after FAA was renewed last year — I know he didn’t finish it before the Judiciary and Intelligence Committees passed it out).

Inspector General Michael E. Horowitz of the United States Department of Justice Office of the Inspector General (OIG) recently issued a report examining the activities of the Federal Bureau of Investigation (FBI) under Section 702 of the Foreign Intelligence Surveillance Act Amendments Act of 2008 (Act). Section 702 authorizes the targeting of non-U.S. persons reasonably believed to be outside the United States for the purpose of acquiring foreign intelligence information. The Act required that the Inspector General conduct a review of the Department’s role in this process and, in conjunction with this review, the OIG reviewed the number of disseminated FBI intelligence reports containing a reference to a U.S. person identity, the number of U.S. person identities subsequently disseminated in response to requests for identities not referred to by name or title in the original reporting, the number of targets later determined to be located in the United States, and whether communications of such targets were reviewed. See 50 U.S.C. 1881a(l)(2)(B) and (C). The OIG also reviewed the FBI’s compliance with the targeting and minimization procedures required under the Act.

The final report has been issued and delivered to the relevant Congressional oversight and intelligence committees, as well as leadership offices. Because the report is classified, its contents cannot be disclosed to the public.

In other words, the DOJ IG counted — because the law required him to — the following:

The number of US person-related communications that got disseminated in a first dissemination of intelligence

The number of US persons whose identity was identified in a follow-up on an original dissemination

The number of targets originally believed to be foreign who end up being US persons (note, the NSA conveniently doesn’t explain what the specific criteria are that would allow the government to keep these communications … I wonder why?)

But it did not count how many US persons’ communications were reviewed but not disseminated, many of which may be retained under the relevance standard.

In general, when the government chooses not to count things, there’s a reason it doesn’t want to.
